Vulnerabilities > Advantech > Webaccess > 8.4.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-07 | CVE-2023-2866 | Insufficient Verification of Data Authenticity vulnerability in Advantech Webaccess 8.4.5 If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server. | 7.8 |
| 2021-10-18 | CVE-2021-33023 | Out-of-bounds Write vulnerability in Advantech Webaccess Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code. | 9.8 |
| 2021-10-18 | CVE-2021-38389 | Out-of-bounds Write vulnerability in Advantech Webaccess Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code. | 9.8 |
| 2021-09-09 | CVE-2021-38408 | Unspecified vulnerability in Advantech Webaccess A stack-based buffer overflow vulnerability in Advantech WebAccess Versions 9.02 and prior caused by a lack of proper validation of the length of user-supplied data may allow remote code execution. | 9.8 |
| 2020-09-22 | CVE-2020-16202 | Unspecified vulnerability in Advantech Webaccess WebAccess Node (All versions prior to 9.0.1) has incorrect permissions set for resources used by specific services, which may allow code execution with system privileges. | 7.8 |